[dns-operations] DoS with amplification: yet another funny Unix script
Laurent Frigault
lolo at troll.free.org
Wed Sep 12 13:25:16 UTC 2012
On Tue, Sep 11, 2012 at 09:29:53PM +0200, Mathieu Arnold wrote:
> +--On 10 septembre 2012 16:41:11 +0200 Laurent Frigault
> <lolo at troll.free.org> wrote:
> | Instead of working on the DNS answer, I try a modified version based on
> | the query on one of my DNS servers :
>
> I did that to begin with, the problem is that libpcap sees the packets
> blocked by pf, so it never ends, on the other side, there is no answer if
> the packet is blocked.
Yes, but pf tables handle duplicate well , so this is not a problem for
me.
--
Laurent Frigault | Free.org
More information about the dns-operations
mailing list